2

I have set up an IdP using ComponentSpace SAML 2.0.

The service provider is also on ComponentSpace SAML 2.0.

Certificate Algorithm: RSASHA256

We do not have the service provider's certificate details, as we are sending the SAMLResponse without an AuthnRequest.

<IdentityProvider Name="http://localhost/ExampleIdentityProvider"
                Description="Example Identity Provider"
                LocalCertificateFile="Certificates\idp.pfx"
                LocalCertificatePassword="password"/>

<PartnerServiceProviders>
<!-- Web forms example -->
<PartnerServiceProvider Name="abc"
                        Description="Example Service Provider"
                        WantAuthnRequestSigned="false"
                        SignSAMLResponse="true"
                        SignAssertion="false"
                        EncryptAssertion="false"
                        AssertionConsumerServiceUrl="https://abc.xyz/sso/saml/servicerequest"
                        SingleLogoutServiceUrl="http://abc.xyz/sso/saml"
                        PartnerCertificateFile="Certificates\sp.cer"/>

I am getting these errors when sending the assertion on our side.

CryptographicException: Invalid algorithm specified.
SAMLSignatureException: Failed to generate the XML signature.

CDspace
Divya

1 Answer

1

Do you get the same error if you use the idp.pfx file that we include with our examples? If not, I suspect your private key isn't specifying the correct cryptographic service provider (CSP) to support SHA-256 signature generation. Please refer to the following article which explains how to specify the correct CSP.

http://www.componentspace.com/Forums/1578/SHA256-and-Converting-the-Cryptographic-Service-Provider-Type

ComponentSpace
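One way to check which CSP the signing key in the .pfx is bound to, as an added example that is not part of the answer above and is not ComponentSpace code. It assumes Windows PowerShell 5.1 on .NET Framework and uses the file path and password from the question's configuration; the property names in the output object are hypothetical.

```powershell
# Added example: report the CSP behind the IdP signing key and try a SHA-256 signature.
# Defaults are the LocalCertificateFile / LocalCertificatePassword values from the question.
param(
    [string]$PfxPath     = 'Certificates\idp.pfx',
    [string]$PfxPassword = 'password'
)

# CryptoAPI provider types: 1 = PROV_RSA_FULL (no SHA-256), 24 = PROV_RSA_AES (supports SHA-256).
$PROV_RSA_AES = 24

# Resolve the path first: .NET resolves relative paths against the process directory,
# not the current PowerShell location.
$fullPath = (Resolve-Path $PfxPath).Path
$cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($fullPath, $PfxPassword)

if (-not $cert.HasPrivateKey) {
    throw "No private key in $fullPath, so it cannot be used to sign the SAML response."
}

try {
    $key = $cert.PrivateKey
} catch {
    # The PrivateKey property fails for keys the legacy CSP API cannot open (for example CNG keys).
    throw "Could not open the private key through a CSP: $($_.Exception.GetBaseException().Message)"
}

if ($key -isnot [System.Security.Cryptography.RSACryptoServiceProvider]) {
    throw "Private key is $($key.GetType().Name), not an RSA CSP key."
}

# Sign a constructed message with SHA-256 to see whether the provider accepts the algorithm.
$data = [System.Text.Encoding]::UTF8.GetBytes('constructed test message')
$signError = $null
try {
    [void]$key.SignData($data, 'SHA256')
} catch {
    $signError = $_.Exception.GetBaseException().Message
}

$info = $key.CspKeyContainerInfo
[pscustomobject]@{
    Subject          = $cert.Subject
    ProviderName     = $info.ProviderName
    ProviderType     = $info.ProviderType
    ProviderIsRsaAes = ($info.ProviderType -eq $PROV_RSA_AES)
    Sha256SignTest   = if ($signError) { "failed: $signError" } else { 'ok' }
}
```

If `ProviderType` is 1 and the sign test fails, the key needs to be moved to a SHA-256 capable provider as described in the linked article.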